How to block spam in Lotus Domino 6.x?

This is a simple how to, and I hope will take you a quick guide to block spam with Lotus Domino 6.x

First, Lotus Domino is a great software. It’s not just email, it simple more than that. If you want to use just email, you can have many options availbale, from pop3, imap, exchange, webmail etc. But if you need email AND also sharing, groupware and colaboration capabilities, Lotus Domino is the BEST choice.

But, when it many features, Lotus Domino is lack of it anti spam capabilities. It’s improving, but still not enough.

If you have resources and time, you should put another server in the front of Lotus Domino to handle spam, but if you not, you can maximize Lotus Domino features. Like I said, its not enough, but its better then nothing.

All smtp configurations available in Domino Directory at Configuration –> Servers –> Configuration

DNS Blacklist Filters
This is a must. This is the first guard againts spam, in others mta, it known as rbl or dnsbl.
Most popular rbl servers are spamhaus and spamcop.
How it works? In smtp connection, smtp task will do a query for every incoming email if that email originating ip listed in the rbl server. If listed, then the smtp task simple reject the server, if not than continue the smtp connection. It saves bandwith and server resources and it block spam.
One must be carefull to choose the rbl server, because some servers are very aggresive, it may block your legitimate emails.
My persoanl choice is spamhaus, and the server is sbl-xbl.spamhaus.org. But that my personal choice.

Options available in DNS Blacklist Filters and also an example:
DNS Blacklist filter: Enabled
DNS Blacklist sites: sbl-xbl.spamhaus.org
Desired Actions when a connecting host is found in a DNS Blacklist: Log and Reject messages.
Custom SMTP error response for rejected messages: ‘leave it blank’

Inbound Connection Controls
If you want to tight up the spam control than you can enable this. It will check your the host (computer name) than send the emails is listed in DNS query, and it must have reverse lookup entry in DNS.
Example: If new email come from domain testdomain.com with hostname testhost, the smtp will check if the testhost.testdomain.com will resolve an ip address. If not the it will reject the connection. If it resolve an ip address like 202.xxx.xxx.xxx then it will accept the connection.

Options availbale in Verify connecting hostname is DNS:
Allow connections only from the following SMTP internet hostnames/IP addresses:
Deny connections only from the following SMTP internet hostnames/IP addresses:

Inbound Sender Controls
This is a must. The smtp will check if the domain sender can be found in a DNS query. If not, it simply reject the connection.

Options available in Verify sender’s domain in DNS:
Allow messages only from the follwoing external internet addresses/domains:
Deny messages only from the follwoing external internet addresses/domains:

8 thoughts on “How to block spam in Lotus Domino 6.x?

  1. budi says:

    hai,

    nice blog & good resource
    btw, i just want to update you regarding the :

    DNS Blacklist sites: sbl-xbl.spamhaus.org

    Now, they already change to : zen.spamhaus.org

    pls refer to :
    http://www.spamhaus.org/zen/index.lasso

    tq & have a nice day

  2. bfebrian says:

    Thanks for the info.

    Quote from spamhaus.org
    ” In most cases, zen.spamhaus.org replaces sbl-xbl.spamhaus.org. If you are currently using sbl-xbl.spamhaus.org you should now replace ‘sbl-xbl.spamhaus.org’ with ‘zen.spamhaus.org’.”

    And I just did. 🙂

  3. leonardi says:

    ‘ve been using ASSP for 9 months, works well with domino, ASSP acts as proxy prior hitting domino SMTP server; best of all it’s free and implement many antispam methods to effectively block spams

  4. John Guirguis says:

    I am using zen.spamhaus.org to block spams on my domino server & it works fine for 5 or 6 months.
    But sudenly it reject all incoming mails including the trusted domains.
    Did anyone face the same problem?

  5. @John
    How much emails traffic to your domino server?
    zen.spamhaus.org it’s free only for low volume emails traffic, but it will blocked your queries if you use it for high volume emails traffic.
    Please see http://www.spamhaus.org/organization/dnsblusage.html for more details.
    I’m using sendmail and mailscanner in my smtp server.
    I put spamcop.net in mta level (medium volume) and the rest of the spam (low volume) are handle by zen.spamhaus.org in mailscanner.
    I don’t think that domino server support this two level of DNSBL, if you like spamhaus.org, maybe you should use the professional services for a fee.

  6. Bub says:

    I am having the same problem as John Gurguis. From this morning not single mail has come. I tried sendin mail to myself from my yahoo and gmail e-mail, but seems like my domino mail server is rejecting everyone beacue of the zen.spamhaus.org spam filter! gmail and yahoo are surely not on blacklist. I’ve been useing zen.spamhaus.org for non-commercial use for over a year now

  7. Bub says:

    @John Guirguis: Did you find out what the problem was? I am having the same problem now

    1. admin says:

      Please check the term if use first at http://www.spamhaus.org/organization/dnsblusage.html. i stop using zen because if it.

Leave a Reply to budi Cancel reply